GDPR, blockchain and the technological arms race

A “blockchain killer” in the house? The press, who never knowingly misses an opportunity for drama, is making much of the upcoming clash between blockchains and EU regulators over the new data rules (GDPR), due to activate just over a month from now.

On the one hand, the right of all EU citizens to insist that their data is removed does mean that blockchains can no longer be immutable (in other words, they can no longer be blockchains).

But on the other hand, most of the private blockchains that enterprises are building on are not actually blockchains – they’re distributed ledgers, and they can be mutable. Those that are building on cryptographic systems based on chains of blocks, yup, that might be more of an issue.

Which is a drawback, since there are compelling use cases for public ledgers, and the technological development going on behind the scenes will – if allowed to continue – fuel further use cases and functionalities.

Although the work would most likely go ahead anyway. On the public, decentralized blockchains – they’re not “owned” by anyone. So just who is the European Union going to fine?

Apps that are run by a centralized organization might be easier to target – but there’s not a lot of clarity over control of the data. In a cloud server, for instance, if the company that put the data in there doesn’t eliminate the information, Amazon or Microsoft could step in to do so. In a public, distributed database where no particular entity has control over what goes in, who would the authorities insist take it out?

What’s more, switching geographical base is getting easier, with other jurisdictions clamouring for the talent and investment. All a clampdown would achieve is an exodus from Europe, and a missed opportunity to participate in greater efficiencies and new collaborations.

This highlights the futility of the GDPR legislation, and how it hands technological supremacy to other geographical areas of influence. It not only further entrenches the power of existing silos at the expense of smaller businesses (due to the considerable compliance costs, which the larger companies should have no problem absorbing); it also inhibits innovation in new data structures that actually have the power to better distribute processes and utility (and I’m not just talking about blockchain).

race

(gif via Tenor)

At the same time, it could spur research into new ways of handling online information, including the possibility of sovereign identity. Rather than just an interesting concept with potentially empowering consequences, new identity management could become an economic imperative.

The goal is becoming increasingly important, given that Europe is falling behind. A think tank (with the aspirational name JEDI, for Joint European Disruption Initiative) has called the region to task for being too slow and thinking too small in its technological development. Misguided initiatives that ineffectually value privacy over progress, and punitive tax measures that will have the net effect of reducing collections, further entrench the disadvantage.

As recent headlines (North Korean hackers, Chinese takeovers and belligerent National Security Advisors, to name just a few) highlight, technology is an increasingly powerful tool in the race to economic (and military) supremacy. Barriers to development – however well-intentioned – could end up deciding the winner. Even leaving aside military outcomes, economic growth for all becomes a matter of survival as deepening inequality shakes political establishments to their core.

So, it’s probable that GDPR will back down, and allow blockchain development – on both public and private ledgers – to continue. That would be good news, on many levels. We have no way of knowing where the impact of research and pilots will be most felt, but we can be certain that the progress will be felt in areas well beyond the bounds of the crypto sector.

Rather than European data privacy laws squelching blockchains, it may be that blockchains squelch GDPR.

 

Leave a Reply

Your email address will not be published. Required fields are marked *